According to one embodiment, an apparatus may store a virtual machine token associated with a virtual machine running on a particular device and a secure image of the virtual machine. The virtual machine token may include a timestamp indicating when the virtual machine was established. The apparatus may receive a token indicating that the particular device is attempting to access a resource. In response, the apparatus may check the validity of the virtual machine running on the particular device based at least in part upon the timestamp associated with the virtual machine token and a time threshold associated with the virtual machine. If the virtual machine is invalid, then the apparatus may communicate at least one token to initiate the recycling of the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. An apparatus comprising: a memory operable to: store a virtual machine token associated with a virtual machine running on a particular device, the virtual machine token comprising a timestamp indicating when the virtual machine was established; store a secure image of the virtual machine; and a processor operable to: receive a token indicating that the particular device is attempting to access a resource; in response to receiving the token, check the validity of the virtual machine running on the particular device based at least in part upon the timestamp associated with the virtual machine token and a time threshold associated with the virtual machine, wherein the time threshold identifies a period of time during which the virtual machine is valid; determine that the virtual machine is invalid when the time threshold associated with the virtual machine exceeds a current time; when the virtual machine is invalid, then communicate at least one token to initiate the recycling of the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; recycle the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; wait for completion of running of at least one pending process by the virtual machine prior to recycling the virtual machine, wherein the memory is further operable to store a secure copy of the at least one pending process; and recover the secure copy of the at least one pending process after recycling the virtual machine.
An apparatus recycles virtual machines (VMs) to enhance security. It stores a VM token containing a timestamp of VM creation and a secure image of the VM. When a device requests a resource, the system receives a token and checks the VM's validity by comparing the token's timestamp against a time threshold. If the VM is considered invalid (timestamp exceeds the threshold), the apparatus initiates recycling. This involves replacing the old VM with the stored secure image. Before recycling, the system waits for pending processes to finish, stores a secure copy of those processes, and restores them after the VM is recycled, ensuring no data loss.
2. The apparatus of claim 1, the processor further operable to grant the particular device access to the requested resource if the virtual machine is valid.
In the apparatus of claim 1, which recycles virtual machines (VMs) to enhance security by storing a VM token containing a timestamp of VM creation and a secure image of the VM, access to the requested resource is conditional on successful validation of the virtual machine. If the validity check, in which the system receives a token and compares the token's timestamp against a time threshold, confirms the VM is valid, then the device gains access to the resource it requested.
3. The apparatus of claim 1, the processor further operable to: receive a hard token associated with the particular device; and check the validity of the virtual machine in response to receiving the hard token.
The apparatus of claim 1, which recycles virtual machines (VMs) to enhance security by storing a VM token containing a timestamp of VM creation and a secure image of the VM, also receives a "hard token" associated with the device. Before checking the VM's timestamp against a time threshold to determine validity, the apparatus first verifies this hard token. The VM validity check, which compares the token's timestamp against a time threshold, is only initiated after receiving and validating this hard token.
4. The apparatus of claim 1, the memory further operable to store at least one token-based rule that is applied to determine that the virtual machine is invalid, wherein the communication of the at least one token to initiate the recycling of the virtual machine is in response to the determination that the virtual machine is invalid.
The apparatus of claim 1, which recycles virtual machines (VMs) to enhance security by storing a VM token containing a timestamp of VM creation and a secure image of the VM, uses token-based rules to determine VM invalidity. These rules are stored and applied during the validity check, in which the system receives a token and compares the token's timestamp against a time threshold. If these rules deem the VM invalid, a token is communicated to initiate the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
5. The apparatus of claim 1, the processor further operable to, in response to receiving the token, check the status of a flag, wherein the flag is on if the virtual machine is invalid.
The apparatus of claim 1, which recycles virtual machines (VMs) to enhance security by storing a VM token containing a timestamp of VM creation and a secure image of the VM, checks a flag's status when a resource access token is received. This flag indicates whether the VM is already considered invalid. Instead of performing the full timestamp comparison against the time threshold, the system simply checks the state of this pre-existing validity flag. If the flag is on, it triggers the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
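The flow of apparatus claims 1, 2 and 5 can be sketched as follows. This is an added illustration, not code from the patent; the class and method names are hypothetical, a VM is assumed to be invalid once its age exceeds its validity period, and the wait for pending processes is reduced to copying their records before the image swap.

```python
import copy
from dataclasses import dataclass, field


@dataclass
class VMToken:
    established_at: float       # timestamp: when the VM was established
    valid_for: float            # time threshold: seconds the VM stays valid
    invalid_flag: bool = False  # claim 5: flag is on if the VM is invalid


@dataclass
class VM:
    image: str                                   # identifier of the running image
    pending: list = field(default_factory=list)  # records of pending processes


class RecycleController:
    """Hypothetical controller that stores VM tokens and secure images."""

    def __init__(self):
        self.tokens, self.secure_images, self.vms = {}, {}, {}

    def register(self, device, vm, secure_image, now, valid_for):
        self.vms[device] = vm
        self.secure_images[device] = secure_image
        self.tokens[device] = VMToken(now, valid_for)

    def is_valid(self, device, now):
        tok = self.tokens[device]
        if tok.invalid_flag:  # the flag short-circuits the time comparison
            return False
        # Assumed reading: invalid once the VM's age exceeds its validity period.
        if now - tok.established_at > tok.valid_for:
            tok.invalid_flag = True
            return False
        return True

    def recycle(self, device, now):
        old = self.vms[device]
        saved = copy.deepcopy(old.pending)  # secure copy taken before the swap
        # Replace the invalid VM with the stored secure image, then restore the copy.
        self.vms[device] = VM(image=self.secure_images[device], pending=saved)
        # The recycled VM gets a fresh timestamp and a cleared flag.
        self.tokens[device] = VMToken(now, self.tokens[device].valid_for)

    def on_access_token(self, device, now):
        """Handle a token saying `device` is attempting to access a resource."""
        if self.is_valid(device, now):
            return "granted"  # claim 2: a valid VM gets access
        self.recycle(device, now)
        return "recycled"
```

Passing `now` explicitly keeps the age check deterministic, which makes the expiry boundary easy to test.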
6. A method for recycling a virtual machine running on a device, comprising: storing a virtual machine token associated with a virtual machine running on a particular device, the virtual machine token comprising a timestamp indicating when the virtual machine was established; storing a secure image of the virtual machine; receiving a token indicating that the particular device is attempting to access a resource; in response to receiving the token, checking the validity of the virtual machine running on the particular device based at least in part upon the timestamp associated with the virtual machine token and a time threshold associated with the virtual machine, wherein the time threshold identifies a period of time during which the virtual machine is valid; determining that the virtual machine is invalid when the time threshold associated with the virtual machine exceeds a current time; when the virtual machine is invalid, then communicating at least one token to initiate the recycling of the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; recycling the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; waiting for completion of running of at least one pending process by the virtual machine prior to recycling the virtual machine; storing a secure copy of the at least one pending process; and recovering the secure copy of the at least one pending process after recycling the virtual machine.
A method recycles virtual machines (VMs) to enhance security. A VM token containing a timestamp of VM creation is stored, along with a secure image of the VM. When a device requests a resource, a token is received, and the VM's validity is checked by comparing the token's timestamp against a time threshold. If the timestamp exceeds the threshold, the VM is invalid, and recycling is initiated. This involves replacing the old VM with the stored secure image. Before recycling, pending processes are allowed to finish, a secure copy of these processes is stored, and the processes are restored after the VM is recycled, ensuring no data loss.
7. The method of claim 6, further comprising granting the particular device access to the requested resource if the virtual machine is valid.
In the method of claim 6 for recycling virtual machines, in which a virtual machine token containing a timestamp of VM creation is stored along with a secure image of the VM, access to the requested resource is conditional on successful validation of the virtual machine. If the validity check, which compares the token's timestamp against a time threshold, confirms the VM is valid, then the device gains access to the resource it requested.
8. The method of claim 6, further comprising: receiving a hard token associated with the particular device; and checking the validity of the virtual machine in response to receiving the hard token.
The method of claim 6 for recycling virtual machines, in which a virtual machine token containing a timestamp of VM creation is stored along with a secure image of the VM, also involves receiving a "hard token" associated with the device. Before checking the VM's timestamp against a time threshold to determine validity, the system first verifies this hard token. The VM validity check, which compares the token's timestamp against a time threshold, is only initiated after receiving and validating this hard token.
9. The method of claim 6, further comprising storing at least one token-based rule that is applied to determine that the virtual machine is invalid, wherein the communication of the at least one token to initiate the recycling of the virtual machine is in response to the determination that the virtual machine is invalid.
The method of claim 6 for recycling virtual machines, in which a virtual machine token containing a timestamp of VM creation is stored along with a secure image of the VM, uses token-based rules to determine VM invalidity. These rules are stored and applied during the validity check, which compares the token's timestamp against a time threshold. If these rules deem the VM invalid, a token is communicated to initiate the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
10. The method of claim 6, further comprising: in response to receiving the token, checking the status of a flag, wherein the flag is on if the virtual machine is invalid.
The method of claim 6 for recycling virtual machines, in which a virtual machine token containing a timestamp of VM creation is stored along with a secure image of the VM, involves checking the status of a flag when a resource access token is received. This flag indicates whether the VM is already considered invalid. Instead of performing the full timestamp comparison against the time threshold, the system simply checks the state of this pre-existing validity flag. If the flag is on, it triggers the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
11. One or more computer-readable non-transitory storage media embodying software that is operable when executed to: store a virtual machine token associated with a virtual machine running on a particular device, the virtual machine token comprising a timestamp indicating when the virtual machine was established; store a secure image of the virtual machine; and receive a token indicating that the particular device is attempting to access a resource; in response to receiving the token, check the validity of the virtual machine running on the particular device based at least in part upon the timestamp associated with the virtual machine token and a time threshold associated with the virtual machine, wherein the time threshold identifies a period of time during which the virtual machine is valid; determine that the virtual machine is invalid when the time threshold associated with the virtual machine exceeds a current time; when the virtual machine is invalid, then communicate at least one token to initiate the recycling of the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; recycle the virtual machine by replacing the invalid virtual machine with the stored secure image of the virtual machine; wait for completion of running of at least one pending process by the virtual machine prior to recycling the virtual machine; store a secure copy of the at least one pending process; and recover the secure copy of the at least one pending process after recycling the virtual machine.
Computer-readable storage media embody software that recycles virtual machines (VMs) to enhance security. The software stores a VM token with a timestamp indicating VM creation and a secure image of the VM. When a device requests a resource, the software receives a token and checks the VM's validity by comparing the token's timestamp against a time threshold. If the timestamp exceeds the threshold, the VM is considered invalid, and the software initiates recycling. Recycling involves replacing the old VM with the stored secure image. Before recycling, the software waits for pending processes to finish, stores a secure copy of these processes, and restores them after the VM is recycled, ensuring no data loss.
12. The media of claim 11 embodying software further operable to grant the particular device access to the requested resource if the virtual machine is valid.
In the media of claim 11 containing software for recycling VMs, in which the software stores a VM token with a timestamp indicating VM creation and a secure image of the VM, access to the requested resource is conditional on successful validation of the virtual machine. If the validity check, in which the software compares the token's timestamp against a time threshold, confirms the VM is valid, then the device gains access to the resource it requested.
13. The media of claim 11 embodying software further operable to: receive a hard token associated with the particular device; and check the validity of the virtual machine in response to receiving the hard token.
The software on the media of claim 11, which stores a VM token with a timestamp indicating VM creation and a secure image of the VM, also handles receiving a "hard token" associated with the device. Before checking the VM's timestamp against a time threshold to determine validity, the software first verifies this hard token. The VM validity check, in which the software compares the token's timestamp against a time threshold, is only initiated after receiving and validating this hard token.
14. The media of claim 11 embodying software further operable to store at least one token-based rule that is applied to determine that the virtual machine is invalid, wherein the communication of the at least one token to initiate the recycling of the virtual machine is in response to the determination that the virtual machine is invalid.
The software on the media of claim 11, which stores a VM token with a timestamp indicating VM creation and a secure image of the VM, uses token-based rules to determine VM invalidity. These rules are stored and applied during the validity check, in which the software compares the token's timestamp against a time threshold. If these rules deem the VM invalid, a token is communicated to initiate the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
15. The media of claim 11 embodying software further operable to, in response to receiving the token, check the status of a flag, wherein the flag is on if the virtual machine is invalid.
The software on the media of claim 11, which stores a VM token with a timestamp indicating VM creation and a secure image of the VM, checks the status of a flag when a resource access token is received. This flag indicates whether the VM is already considered invalid. Instead of performing the full timestamp comparison against the time threshold, the software simply checks the state of this pre-existing validity flag. If the flag is on, it triggers the recycling process, in which the virtual machine is replaced with the secure image of the virtual machine.
August 15, 2011
June 25, 2013